Each year about this time, Mississippi taxpayers gather their shoeboxes full of receipts and forms, preparing for the annual ritual of filing their taxes. Since Monday marked the official beginning of 2018 tax season, it’s also the time when scammers greedily eye the billions of dollars in potential loot as we file our taxes. And it’s a big haul, too: the IRS estimated that tax scammers took in $21 billion in 2016.

Monday also marked the start of Tax Identity Theft Awareness Week, which highlights some of the risks and scams that seek to cash in on your taxes. Each year, millions of taxpayers get a nasty surprise when they file their taxes: somebody’s already claimed their refund by using their Social Security number. Often, they don’t know their identity has been stolen until they get a letter from the IRS to let them know more than one tax return has been filed in your name.

Although these scams are still going strong, there is some good news: Efforts to thwart tax-related identity theft appear to be working. In 2017, fewer people complained to the Federal Trade Commission and other agencies about tax-related identity theft than in previous years (the second year of decreases in a row). Last year, about 22 percent of identity-theft complaints concerned tax-related activity, down significantly from 2016’s number of 33 percent.

IRS imposters activity appears to be declining as well. IRS imposters call consumers to claim they’re from the IRS, and often use scare tactics and threat of prosecution if they don’t pay immediately. Calls about IRS imposters dropped off by more than half in 2017.

But another type of tax-related fraud appears to be growing. The “W-2 Scam” (otherwise known as Business Email Compromise or BEC) is targeting businesses, educational institutions and organizations. In this diabolical ruse, scammers send an email that appears to be from the IRS (“phishing”), requesting copies of all employees’ W-2 forms. Of course, the W-2 is a virtual smorgasbord of information for scammers, containing official names and addresses, Social Security numbers, income and withholdings. “Criminals use that information to file fraudulent tax returns, or post it for sale on the Dark Net,” noted the IRS in a news release. Business Email Compromise scams cost companies $5 billion worldwide each year, added the FBI.

Hundreds of businesses, institutions, nonprofits and government agencies have all been fooled in 2017 by the official-looking emails. The IRS notes that the fraudsters often do their homework on businesses, finding the CEO or others in positions of authority. Once the victim has taken the bait, many victims reported that they get a follow-up email requesting funds by wire transfer. The emails are reportedly so good they have fooled many experienced executives who never thought they’d fall for a scheme like that.

The IRS advises it could be weeks or months before you realize you’ve been scammed. But if you have, report it immediately to dataloss@irs.gov, using “W2 Data Loss” in the subject line. And, the IRS cautions, don’t attach any sensitive information. For more on the W2 scam from the IRS, visit http://bit.ly/2ohM4D1.

While you may be eagerly awaiting your tax refund this year, be aware that crooks are out there, too. As always, being vigilant, aware and a little bit skeptical can often be the best protection.